Type of security metadata observation made about an IT resource (data, information object, service, or system capability), which may be used to make access control decisions. Security metadata are used in security labels. According to ISO/TS 22600-3:2009(E) A.9.1.7 SECURITY LABEL MATCHING, Security label matching compares the initiator’s clearance to the target’s security label. All of the following must be true for authorization to be granted:
The security policy identifiers shall be identical,
The classification level of the initiator shall be greater than or equal to that of the target (that is, there shall be at least one value in the classification list of the clearance greater than or equal to the classification of the target), and
For each security category in the target label, there shall be a security category of the same type in the initiator’s clearance and the initiator’s classification level shall dominate that of the target.
security integrity provenance asserted by observation
Act Code
3‑L
SECINTPRVRBOBS
security integrity provenance reported by observation
Act Code
2‑L
SECINTSTOBS
security integrity status observation
Act Code
Legenda: Type L=leaf, S=specializable, A=abstract, D=deprecated. NullFlavor OTH (other) suggests text in originalText. HL7 V3: NullFlavors to appear in @nullFlavor attribute instead of @code.